SRX

Expand all | Collapse all

Migrate Configuration and Firmware from SRX 550 to another one SRX550

Jump to Best Answer
  • 1.  Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-11-2019 22:27

    Dear Team,

     

    I have SRX 550 which is alreday configured and firmware version is running 12.3X48-D75.4-domestic

     

    SO we have another SRX 550 Which having firmware version running with 12.3X48-D30.7-domestic

     

     

    So i wanted to do same configuration and same firmware from first SRX550 to second 

     

    Please let us know what steps has to follow to do this activity with success.

     

     

    Regards,

    Harmesh Yadav



  • 2.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-11-2019 22:49
    Hi,

    For the configuration, you can try a "show | display set" from configuration mode on the working SRX and copy the resulting output to the other SRX's on configuration mode.

    For the junos upgrade, you need to perform a regular junos upgrade, check the following link:

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB16652&actp=METADATA

    If you don't have the SRX junos package/image you can check the SRX with the newest junos version in order to confirm if the file is still available:

    > file list var/tmp/

    If the file is there, you can download it from that folder and upload it to the same folder on the second SRX.




    Enviado desde mi smartphone Samsung Galaxy.


  • 3.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-12-2019 23:57

    Dear Team ,

     

    Thanks for your help , i have successfully upgraded device with same firmware version of source device.

    Now problem i have collected output of "show | display set" and tried to do configuration but i am getting error when commit that configuration like below

     

    root# commit
    [edit interfaces ge-0/0/3 unit 0 family ethernet-switching]
    'vlan'
    vlan member cannot be used on interface with vlan-id/vlan-tags
    error: commit failed: (statements constraint check failed)

     

    Please let us know what is the issue and why it not saving configuration

     

    Regards,

    Harmesh yadav



  • 4.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-13-2019 00:07

    Hi,

    Please share or check the following configuration command from both SRXs: show interfaces ge-0/0/3. There might be a configuration difference on the SRX you just upgraded in regards the original SRX.

     



  • 5.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-13-2019 02:57

    Dear team,

     

    I have set command , toady i dont have device access i will do configuration on monday

     

    set interfaces ge-0/0/3 vlan-tagging
    set interfaces ge-0/0/3 unit 0 vlan-id 178
    set interfaces ge-0/0/3 unit 0 family inet address 10.x.x.x/x



  • 6.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-13-2019 05:12

    Hi Harmesh,

     

    Looks like you have both family inet and ethernet-switching configured. Can you remove the ethernet-switching configuration and apply the commit?

     

    Regards,

    Vignesh.



  • 7.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-13-2019 14:35

    Harmesh,

     

    If you are copying the configuration from the other SRX, then you need to delete the existing one first, otherwise they will merge and this can cause problems like the one you are reporting where a single interface is being configured with two different family types. As metioned, try:

     

    [edit]
    # delete
    # commit

    Then use the "load set terminal" command and paste the config from the original SRX.

     

    If the above scenario is not what you are doing, then please explain it better in order to help you in the best way possible.

     



  • 8.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-14-2019 10:48

    Dear Team ,

     

    Can I take backup file  of existing SRX device configuration and copy that file and restore that one to another SRX ?



  • 9.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-14-2019 11:08

    Hi Harmesh,

     

    Certainly you can.

     

    1. On the first SRX, save the confiiguration to a file named "config.txt" under /var/tmp/ directory:

     

    [edit]
    # save /var/tmp/config.txt
    # run file list /var/tmp/config.txt detail (to confirm the generation of the file)

     

    2. Download the file from the first SRX and upload it to the second SRX under the same /var/tmp/ directory.

     

    3. Delele the configuration on the second SRX to avoid conflicts:

     

    [edit]
    # delete
    # set system root-authentication plain-text-password  (you need to have at least the root password configured)
    #commit

     

    4. Load the previously uploaded config file:

     

    [edit]
    # load override /var/tmp/config.txt
    #commit

     

    Hope this helps.

     



  • 10.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-15-2019 01:37

    Dear Team ,

     

    Thanks for your help we have resolved this issue .

     

    Regards,

    Harmesh Yadav

     



  • 11.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550
    Best Answer

    Posted 04-13-2019 09:12

    Hello Harmesh,

     

    Its quite simple. Now that you have upgraded your new SRX to the version you wanted and have copied the display set file on it, you can follow the steps below :- 

     

    1. Remove all the existing configuration.

     

    root> edit 
    warning: uncommitted changes will be discarded on exit
    Entering configuration mode
    
    [edit]
    root# delete 
    This will delete the entire configuration
    Delete everything under this level? [yes,no] (no)yes

     

    2. Now load the new configuration.

     

    root# load set /var/tmp/<CONFIG-FILENAME>
    root# commit and-quit
    root>

     

     

    This should resolve the issue.

     

    Note that when you add new configuration, some parts like interfaces simply add to existing configuration instead of overwritting it. This is because sections like interfaces may cater multiple families and IPs.

     

    Hope this will help you.

     

    Thanks!



  • 12.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

     
    Posted 04-11-2019 23:09
    Hi Harmesh,
    Few other considerations:

    > Is the firewall you are migrating from in a chassis cluster?
    > Any licenses installed?
    > Any scripts running?

    If you can share following command outputs from current/first firewall we can validate:

    > show chassis cluster status
    > show system license
    > show configuration system scripts
    > show configuration event-options

    Best Regards,

    Vikas



    Juniper Internal


  • 13.  RE: Migrate Configuration and Firmware from SRX 550 to another one SRX550

    Posted 04-13-2019 00:00

    Commad Output Which you required

     

    @F> show chassis cluster status

    error: Chassis cluster is not enabled.

     

    @F> show system license

    License usage:

                                     Licenses     Licenses    Licenses    Expiry

      Feature name                       used    installed      needed

      dynamic-vpn                           0            2           0    permanent

      ax411-wlan-ap                         0            2           0    permanent

     

    Licenses installed: none